Archive for August, 2017

IoT devices have given users smarter control over various applications. These devices can connect and communicate with users and can be operated from almost any location in the world, provided there is access to the Internet. Because IoT devices can be managed from remote locations, it is important to secure both the devices and the network to which they are connected. The recent DDoS attack (of Oct 2016), which took down prominent service providers across the US, is believed to have been made possible by the use of a large number of unsecured IoT devices such as cameras, DVRs etc. So, the security of IoT devices should be maintained, specifically to prevent such large-scale DDoS attacks.

How to reduce the risk of DDoS attacks?

Use Of Unique Username And Password
A manufacturer should not rely on the end user to secure the device. A unique username and password need to be set for the device, along with a prompt to change these settings as soon as the device is powered on for the first time. Users also need to set strong passwords for their devices to avoid any kind of breach.

Protect Your Device And Servers
A number of monitoring functions should run on the devices to check for any kind of malicious activity from an unknown IP address. This will prevent a bot from accessing your internet connection and from repeatedly guessing the username and password. Make sure that you update your device and have its security analyzed regularly. Ensure that the server you are running, whether it is your own or someone else's, is secured and properly maintained. The data from the devices should be recognizable and difficult to spoof.

There are a few more things that can be done to prevent your devices from these attacks, which include:

Users should turn off remote access to the IoT devices and limit the devices that can access your network.

Get details of the network settings and its chain of communication with the devices from the connectivity supplier.

The manufacturers should make sure that the device has sufficient DDoS mitigation capabilities.

Users should learn how to scan their own networks for any security flaws. There are different tools which can help them in finding loopholes before the attackers do.

By securing the network and devices, users not only protect themselves from potential DDoS attacks, but can also improve their device’s performance.

Threat Monitoring is a technique used to improve security of a system or a facility and helps in identifying a potential security breach in the network. It aims at continuously monitoring a network to check if there are any security violations on the device. For example, whenever a person makes repeated failed login attempts, a warning signal is sent to the monitoring center that an intruder might be trying to guess the password.

How It Works?

Threat Monitoring involves day-to-day analysis and evaluation of security data to identify any cyber-attacks or breaches. It collects and correlates information from various processes to identify patterns in order to check if there are any threats to the system.
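The failed-login warning and the per-IP correlation described above can be sketched as a sliding-window detector. This is an added example, not code from the original post; the log format, the function name `detect_bruteforce`, the thresholds and the sample addresses are all assumptions made for illustration.

```python
import re
from collections import defaultdict, deque
from datetime import datetime, timedelta

# Constructed sample events in a made-up format (not from any real device).
SAMPLE_LOG = """\
2017-08-14T10:00:01 LOGIN_FAILED user=admin src=203.0.113.7
2017-08-14T10:00:03 LOGIN_FAILED user=root src=203.0.113.7
2017-08-14T10:00:04 LOGIN_OK user=alice src=192.0.2.10
2017-08-14T10:00:06 LOGIN_FAILED user=admin src=203.0.113.7
2017-08-14T10:00:09 LOGIN_FAILED user=support src=203.0.113.7
2017-08-14T10:00:12 LOGIN_FAILED user=guest src=203.0.113.7
2017-08-14T10:05:00 LOGIN_FAILED user=alice src=192.0.2.10
2017-08-14T10:20:00 LOGIN_FAILED user=bob src=198.51.100.4
2017-08-14T10:40:00 LOGIN_FAILED user=bob src=198.51.100.4
this line is malformed and must be skipped
"""

LINE_RE = re.compile(r"^(\S+) (LOGIN_FAILED|LOGIN_OK) user=(\S+) src=(\S+)$")

def detect_bruteforce(lines, threshold=5, window=timedelta(seconds=60),
                      known_ips=frozenset()):
    """Return one alert per source IP that reaches `threshold` failed
    logins inside a sliding `window`. IPs in `known_ips` are ignored."""
    recent = defaultdict(deque)   # src -> (timestamp, user) of recent failures
    alerts = {}
    for line in lines:
        m = LINE_RE.match(line.strip())
        if not m:
            continue              # tolerate garbage instead of crashing
        ts, event, user, src = m.groups()
        if event != "LOGIN_FAILED" or src in known_ips or src in alerts:
            continue
        when = datetime.fromisoformat(ts)
        q = recent[src]
        q.append((when, user))
        while when - q[0][0] > window:   # drop failures older than the window
            q.popleft()
        if len(q) >= threshold:
            alerts[src] = {"src": src, "failures": len(q), "first_seen": q[0][0],
                           "users_tried": sorted({u for _, u in q})}
    return list(alerts.values())

if __name__ == "__main__":
    for alert in detect_bruteforce(SAMPLE_LOG.splitlines(), known_ips={"192.0.2.10"}):
        print("ALERT", alert)
```

The list of distinct usernames in each alert helps separate a user mistyping one password from a source cycling through default account names.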

Benefits

Threat Monitoring helps to detect activities such as an outsider breaking into the network or an internal process being compromised. While it can be difficult to detect such susceptibilities in overall system security, Threat Monitoring provides a proactive solution to identify such issues beforehand. The technique works by recognizing the anomalies that such illegal activities produce, correlating information about networks with factors like IP addresses and URLs.

Threat monitoring provides several benefits such as:

It can help security professionals to check what is happening on their network.

It also helps them find any vulnerability in their network or applications and work out how to fix these problems.

Here are the two major reasons why threat monitoring is necessary for small businesses:

The data of your organization is more important than you think. The biggest mistake that a few companies make is thinking they have nothing worth stealing. From a small password to the employees’ data, there is a lot of information that a company wants to keep private. Threat monitoring can help to prevent such issues.

You are considered an easy target. You are at the same level of risk as large companies, even though you have a smaller budget to deal with it, because these criminals take the path of least resistance.

Threat Monitoring can prove to be a reliable tool when it comes to the security of your network and online portal, no matter how big or small your work is. The proactive approach of Threat Monitoring makes it important for businesses to implement it across their network.

To know more about threat monitoring and its benefits, contact Centex Technologies at (855) 375 – 9654.

Ransomware is malware that restricts a user’s access to their system until a certain sum of money is paid. It appears as a random note on screen and may look like a legal notice or threat. Ransomware may arrive in the computer system through malicious emails, websites or spam. Cases of ransomware attacks have been increasing day by day, and in order to protect your systems from getting affected, you must stay updated about its various forms and how they work.

Here is a list of different strains of ransomware.

WannaCry – The ransomware affected thousands of computer systems this year. It works by exploiting a flaw in Windows’ “Server Message Block (SMB)” protocol. After infecting the system, the malware spreads, encrypts the files and asks the victim to pay in bitcoins in exchange for the decryption key.

Cerber – This ransomware uses phishing emails or exploit kits to gain the user’s information. It doesn’t need an active internet connection to run and therefore disconnecting from the web won’t stop the encryption.

Crysis – It uses RSA and AES (Advanced Encryption Standard) encryption algorithms, which make the recovery of files almost impossible. The malicious code affects the system and asks for a ransom in return for the decrypted files.

CryptoLocker – This malware is distributed via spam email that contains infected attachments or links. The cyber criminals trick people by sending emails regarding their shipment or cancellation of orders. This ransomware uses the AES CBC 256-bit encryption algorithm and asks for a payment of around $1300.

CryptoWall – Distributed via spam and exploit kits, this ransomware appeared after the downfall of CryptoLocker. CryptoWall 4.0, released in 2015, encrypts the file names of the encrypted files, which makes it more difficult to identify the infected files.

CTB-Locker – CTB is an acronym for Curve, Tor and Bitcoin. These words are basically the advantages offered by this malware, which allows the cyber criminals to access and infect the systems without being traced back. CTB-Locker uses a unique RSA key to encrypt files.

ZCryptor – This malicious software is a cryptoworm. It not only affects the victim’s system but also copies itself to the other connected devices and computers. To infect the system, the ransomware masquerades as an installer of some famous program like Adobe Flash or enters through infected MS Word macro files.

Jigsaw – It uses the AES algorithm to encrypt the files and deletes them with every passing hour, until the money is paid in the form of bitcoins. If the user tries to restart the system, 1000 files are instantly deleted.

Author

Abdul Subhani

I am the President & CEO of Centex Technologies, Microsoft Small Business Specialist, Certified E-Commerce Consultant, Certified Ethical Hacker, Certified Fraud Examiner, Virtual Instructor and an IT Consultant/Speaker on IT Security, Networking, Small Business Architect, & SEO Internet Marketing.
